Ref:
- https://www.digitalocean.com/community/tutorials/how-to-set-up-squid-proxy-on-ubuntu-20-04
- https://answers.microsoft.com/en-us/windows/forum/all/adding-credentials-to-windows-proxy-settings/d6fdab82-6163-4aad-8133-43f7706ceb9c#:~:text=Setting%20up%20the%20credentials%20for,user%20name%20and%20the%20password.
sudo apt update
sudo apt install squid
- Squid should automatically start running. Check with :
systemctl status squid.service
- Now edit config :
/etc/squid/squid.conf
as described below Recommended: Backup config file before editing :sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.orig
- Finally restart the squid service :
sudo systemctl restart squid.service
- this takes some time to complete
+
means add this line; -
means remove
To allow all clients, i.e. 0.0.0.0 with no authentication required
- http_access deny all
+ http_access accept all
curl -v -x http://localhost:3128 https://google.com
- Go to
Proxy settings
(search for the damn thing atWin+s
) Manual Proxy Setup
- Turn on
Use a proxy server
Address
is IP (127.0.0.1 in case some local port is forwarded to port 3128 at the remote proxy-server that does not have a public IP, using say tunnel or ipns-link)Port
is port number (the forwarded local port in case port forwarding is on, see above)Save
sudo apt install apache2-utils
sudo htpasswd -c /etc/squid/passwords <your_squid_username>
You’ll be prompted to add a password. This will store your username along with a hash of your new password in /etc/squid/passwords.
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM CLIENTS
#
include /etc/squid/conf.d/*
+ auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwords
+ auth_param basic realm proxy
+ acl authenticated proxy_auth REQUIRED
# Example rule allowing access from your local networks.
+ acl localnet src <your_ip_address> ## Do this only if the server has public IP
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
http_access allow localhost ## Serves well when server is exposed using tunnel or ipns-link or ngrok etc.
+ http_access allow authenticated
# And finally deny all other access to this proxy
http_access deny all
+
Don't forget to restart the squid service after config change.
curl -v -x http://<squid_user_name>:<squid_password>@localhost:3128 https://google.com
In Windows 10 menu, go to Settings (WinKey+I) and search for "Credential Manager". Under Windows Credentials, add a new entry for Windows Credentials. Enter the Proxy Server address (without the port number), your domain user name and the password.